In multi-hop wireless systems, the need for cooperation among nodes to relay each other's packets exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole attack, where a malicious node records control traffic at one location and tunnels it to another compromised node, possibly far away, which replays it locally. Routing security in ad hoc networks is often equated with strong and feasible node authentication and lightweight cryptography. Unfortunately, the wormhole attack can hardly be defeated by crypto graphical measures, as wormhole attackers do not create separate packets. They simply replay packets already existing on the network, which pass the cryptographic checks. Existing works on wormhole detection have often focused on detection using specialized hardware, such as directional antennas, etc. In this paper, we present a cluster based
counter-measure for the wormhole attack, that alleviates these drawbacks and efficiently mitigates the wormhole attack in MANET. Simulation results on MATLab exhibit the effectiveness of the proposed algorithm in detecting wormhole attacks.
To Lie or To Comply: Defending against Flood Attacks in Disruption Tolerant N...Vamsi IV
Disruption Tolerant Networks (DTNs) utilize the mobility of nodes and the opportunistic contacts among nodes for data communications. Due to the limitation in network resources such as contact opportunity and buffer space, DTNs are vulnerable to flood attacks in which attackers send as many packets or packet replicas as possible to the network, in order to deplete or overuse the limited network resources. In this paper, we employ rate limiting to defend against flood attacks in DTNs, such that each node has a limit over the number of packets that it can generate in each time interval and a limit over the number of replicas that it can generate for each packet. We propose a distributed scheme to detect if a node has violated its rate limits. To address the challenge that it is difficult to count all the packets or replicas sent by a node due to lack of communication infrastructure, our detection adopts claim-carry-and check: each node itself counts the number of packets or replicas that it has sent and claims the count to other nodes; the receiving nodes carry the claims when they move, and cross-check if their carried claims are inconsistent when they contact. The claim structure uses the pigeonhole principle to guarantee that an attacker will make inconsistent claims which may lead to detection. We provide rigorous analysis on the probability of detection, and evaluate the effectiveness and efficiency of our scheme with extensive trace driven simulations.
A Mobile Ad-Hoc Network (MANET) is a self configuring, infrastructure less network of mobile devices
connected by wireless links. Loopholes like wireless medium, lack of a fixed infrastructure, dynamic
topology, rapid deployment practices, and the hostile environments in which they may be deployed, make
MANET vulnerable to a wide range of security attacks and Wormhole attack is one of them. During this
attack a malicious node captures packets from one location in the network, and tunnels them to another
colluding malicious node at a distant point, which replays them locally. This paper presents a cluster based
Wormhole attack avoidance technique. The concept of hierarchical clustering with a novel hierarchical 32-
bit node addressing scheme is used for avoiding the attacking path during the route discovery phase of the
DSR protocol, which is considered as the under lying routing protocol. Pinpointing the location of the
wormhole nodes in the case of exposed attack is also given by using this method.
Detecting Wormhole Attack in Mobile Ad-hoc Networks: A Surveyijsrd.com
A Mobile Ad Hoc Network (MANET) is a self organizing, infrastructure less, multi-hop network. The wireless and distributed nature of MANETs poses a great challenge to system security designers. Ad hoc networks are by nature very open to anyone. Anyone with the proper hardware and knowledge of the network topology and protocols can connect to the network. This allows potential attackers to infiltrate the network and carry out attacks on its participants with the purpose of stealing or altering information. A specific type of attack, the Wormhole attack does not require exploiting any nodes in the network and can interfere with the route establishment process. It does not require any cryptographic primitives. This attack targets specifically routing control packets, the nodes that are close to the attackers are shielded from any alternative routes with more than one or two hops to the remote location. All routes are thus directed to the wormhole established by the attackers. The entire routing system in MANET can even be brought down using the wormhole attack.
A Secure message exchange and anti-jamming mechanism in manetIJSRD
Secure neighbor discovery is the fundamental process in the MANET deployed in aggressive environment. It refers to the process that nodes exchange messages to discover and authenticate each other. It is defenseless to the jamming attack in which the adversary intentionally transmits signals to prevent neighboring nodes from exchanging messages. Existing anti-jamming communications depends on JR-SND. The JR-SND, a jamming-resilient secure neighbor discovery scheme for MANETs based on Random spread-code pre-distribution and Direct Sequence Spread Spectrum (DSSS). In Existing, they prevent the jamming and introduce the anti-jamming mechanism using DSSS introduce the secure message exchange mechanism and prevent the collisions during packet transmission. But in this we lack of introducing to detect the selfish and malicious nodes in the network. For this, in the Future Work we will enhance the work by detecting the selfish nodes using Watchdog and Neighbor Coverage-based Probabilistic Rebroadcast Protocol (NCPR).
One of the most popular areas of research is wireless communication. Mobile Ad Hoc network (MANET) is a network with wireless mobile nodes, infrastructure less and self organizing. With its wireless and distributed nature it is exposed to several security threats. One of the threats in MANET is the wormhole attack. In this attack a pair of attacker forms a virtual link thereby recording and replaying the wireless transmission. This paper presents types of wormhole attack and also includes different technique for detecting wormhole attack in MANET..
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
To Lie or To Comply: Defending against Flood Attacks in Disruption Tolerant N...Vamsi IV
Disruption Tolerant Networks (DTNs) utilize the mobility of nodes and the opportunistic contacts among nodes for data communications. Due to the limitation in network resources such as contact opportunity and buffer space, DTNs are vulnerable to flood attacks in which attackers send as many packets or packet replicas as possible to the network, in order to deplete or overuse the limited network resources. In this paper, we employ rate limiting to defend against flood attacks in DTNs, such that each node has a limit over the number of packets that it can generate in each time interval and a limit over the number of replicas that it can generate for each packet. We propose a distributed scheme to detect if a node has violated its rate limits. To address the challenge that it is difficult to count all the packets or replicas sent by a node due to lack of communication infrastructure, our detection adopts claim-carry-and check: each node itself counts the number of packets or replicas that it has sent and claims the count to other nodes; the receiving nodes carry the claims when they move, and cross-check if their carried claims are inconsistent when they contact. The claim structure uses the pigeonhole principle to guarantee that an attacker will make inconsistent claims which may lead to detection. We provide rigorous analysis on the probability of detection, and evaluate the effectiveness and efficiency of our scheme with extensive trace driven simulations.
A Mobile Ad-Hoc Network (MANET) is a self configuring, infrastructure less network of mobile devices
connected by wireless links. Loopholes like wireless medium, lack of a fixed infrastructure, dynamic
topology, rapid deployment practices, and the hostile environments in which they may be deployed, make
MANET vulnerable to a wide range of security attacks and Wormhole attack is one of them. During this
attack a malicious node captures packets from one location in the network, and tunnels them to another
colluding malicious node at a distant point, which replays them locally. This paper presents a cluster based
Wormhole attack avoidance technique. The concept of hierarchical clustering with a novel hierarchical 32-
bit node addressing scheme is used for avoiding the attacking path during the route discovery phase of the
DSR protocol, which is considered as the under lying routing protocol. Pinpointing the location of the
wormhole nodes in the case of exposed attack is also given by using this method.
Detecting Wormhole Attack in Mobile Ad-hoc Networks: A Surveyijsrd.com
A Mobile Ad Hoc Network (MANET) is a self organizing, infrastructure less, multi-hop network. The wireless and distributed nature of MANETs poses a great challenge to system security designers. Ad hoc networks are by nature very open to anyone. Anyone with the proper hardware and knowledge of the network topology and protocols can connect to the network. This allows potential attackers to infiltrate the network and carry out attacks on its participants with the purpose of stealing or altering information. A specific type of attack, the Wormhole attack does not require exploiting any nodes in the network and can interfere with the route establishment process. It does not require any cryptographic primitives. This attack targets specifically routing control packets, the nodes that are close to the attackers are shielded from any alternative routes with more than one or two hops to the remote location. All routes are thus directed to the wormhole established by the attackers. The entire routing system in MANET can even be brought down using the wormhole attack.
A Secure message exchange and anti-jamming mechanism in manetIJSRD
Secure neighbor discovery is the fundamental process in the MANET deployed in aggressive environment. It refers to the process that nodes exchange messages to discover and authenticate each other. It is defenseless to the jamming attack in which the adversary intentionally transmits signals to prevent neighboring nodes from exchanging messages. Existing anti-jamming communications depends on JR-SND. The JR-SND, a jamming-resilient secure neighbor discovery scheme for MANETs based on Random spread-code pre-distribution and Direct Sequence Spread Spectrum (DSSS). In Existing, they prevent the jamming and introduce the anti-jamming mechanism using DSSS introduce the secure message exchange mechanism and prevent the collisions during packet transmission. But in this we lack of introducing to detect the selfish and malicious nodes in the network. For this, in the Future Work we will enhance the work by detecting the selfish nodes using Watchdog and Neighbor Coverage-based Probabilistic Rebroadcast Protocol (NCPR).
One of the most popular areas of research is wireless communication. Mobile Ad Hoc network (MANET) is a network with wireless mobile nodes, infrastructure less and self organizing. With its wireless and distributed nature it is exposed to several security threats. One of the threats in MANET is the wormhole attack. In this attack a pair of attacker forms a virtual link thereby recording and replaying the wireless transmission. This paper presents types of wormhole attack and also includes different technique for detecting wormhole attack in MANET..
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
Performance investigation of re shuffling packet attack on transport layer pr...eSAT Journals
Abstract Over the past decade, the wireless world has experienced significant developments. The emergence and proliferation of radio frequency networking products, wireless devices like handheld, wearable and portable computers, Personal Digital Assistants (PDA)s, cellular phone have given rise to a kind of wireless revolution. A mobile ad hoc network is much more assailable to attacks than a wired network due to its limited physical security, high mobility and lack of centralized administration. In this paper, we present and analyze the effects of re-shuffling attack on TCP based mobile ad-hoc networks named as Packet Re-Shuffling. In the packet reshuffling attack the malicious node will reorder the packets in its FIFO buffer before forwarding them towards their destination. Due to the out of order delivery the retransmission time out of the packet is triggered and the source TCP and UDP has to retransmit the packet. In this way it also stops the TCP to perform the congestion avoidance technique. A malicious node will always participate in route setup operations. For example, if source routing is employed, malicious nodes always relay Route Request packets in order to have as many routes as possible flowing through themselves; if distance vector routing is employed, malicious nodes will also obey all control-plane protocol specifications. However, once a route is established, attacking nodes will thwart the end-to-end throughput of the flow via above mentioned attacks. The effect of the proposed attack is analyzed with the simulation results generated using the trial version of the simulator known as Exata Cyber 2.0. The simulation results are given in terms of metrics such as data flow throughput, Packet Retransmission, average end-to-end delay and packet delivery ratio. In this paper, we are giving The study on UDP and TCP. Keywords: MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability;
A Combined Approach for Worm-Hole and Black-Hole Attack Detection in MANETIJERA Editor
Mobile ad hoc network is a kind of wireless network, in this network all nodes are connected through the wireless links and perform cooperative communication.Due to limited radio range of these devices any time can leave or join the network. Therefore the routing techniques are responsible for the network organization and communication flow. Due to this the performance of MANET is low as compared with the traditional wired communication networks. In addition of that network is suffers from the probability of attacks. Thus in this paper MANET routing strategy and their attacks are investigated and learned. In addition of that in order to secure the communication recent approaches of security in MANET also investigated. Finally a new algorithm for prevention of malicious attack in MANET is suggested. Additionally the based on the concluded facts, future extension of the proposed work is also suggested.
Selective jamming attack prevention based on packet hiding methods and wormholesIJNSA Journal
Because of the widespread use of wireless sensor ne
tworks in many applications, and due to the nature
of
the specifications of these networks (WSN) in terms
of wireless communication, the network contract
specifications, and published it in difficult envir
onments. All this leads to the network exposure to
many
types of external attacks. Therefore, the protectio
n of these networks from external attacks is consid
ered the
one of the most important researches at this time.
In this paper we investigated the security in wirel
ess
sensor networks, Limitations of WSN, Characteristic
Values for some types of attacks, and have been
providing protection mechanism capable of detecting
and protecting wireless sensor networks from a wid
e
range of attacks
SECURE LOCATION BASED ROUTING FOR MANETSAnkur Singhal
The video demonstrates sending the file from source to the destination by initially encrypting it using multihops and then decrypting it at the receiver's end
Vampire attack a novel method for detecting vampire attacks in wireless ad –h...IJLT EMAS
Ad-hoc wireless networks are dynamic in nature. Adhoc
networks are not depends on any predefined infrastructure.
Whenever there is need of communication at that point these
network can be deployed. In this paper we discuss Vampire
attacks. All protocols susceptible for vampire attack. Vampire
attacks are very easy to carry out throughout the network and
difficult to detect. Wireless sensor networks (WSNs) are the
foremost promising research direction in sensing and pervasive
computing. Previous security work has focused totally on denial
of service at the routing or medium access management levels.
Earlier, the resource depletion attacks are thought about solely
as a routing drawback, very recently these are classified into new
category as “vampire attacks”. Planned work examines the
resource depletion attacks at the routing protocol layer that
disable networks permanently by quickly debilitating node’s
battery power.
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
Design of Transport Layer Based Hybrid Covert Channel Detection Engineijasuc
Computer network is unpredictable due to information warfare and is prone to various
attacks. Such attacks on network compromise the most important attribute, the privacy. Most of such
attacks are devised using special communication channel called ``Covert Channel''. The word ``Covert''
stands for hidden or non-transparent. Network Covert Channel is a concealed communication path within
legitimate network communication that clearly violates security policies laid down. The non-transparency
in covert channel is also referred to as trapdoor. A trapdoor is unintended design within legitimate
communication whose motto is to leak information. Subliminal channel, a variant of covert channel works
similarly except that the trapdoor is set in a cryptographic algorithm. A composition of covert channel with
subliminal channel is the ``Hybrid Covert Channel''. Hybrid covert channel is homogenous or
heterogeneous mixture of two or more variants of covert channels either active at same instance or at
different instances of time. Detecting such malicious channel activity plays a vital role in removing threat
to the legitimate network. In this paper, we present a study of multi-trapdoor covert channels and
introduce design of a new detection engine for hybrid covert channel in transport layer visualized in TCP
and SSL.
Advisedly delayed packet attack on tcp based mobile ad-hoc networkseSAT Journals
Abstract Efficient routing in mobile ad-hoc networks (MANETs) is a challenging task due to its varying physical channel characteristics, dynamic topology and un-centralized communication. Furthermore, multihop routing is required when the source-destination pairs are not in each other’s communication range. Due to the above challenges these networks are vulnerable to various types of attacks on various layers of the TCP/IP protocol stack. In this thesis, we implement and analyze an attack called advisedly delay packet attack on ad-hoc on-demand distance vector (AODV) routing protocol. The advisedly delay packet attack is an attack that effects the TCP-based as well as UDP-based data transmissions but in this thesis we will also see how it exploits the TCP congestion control mechanism to decrease the throughput of the network. In this attack, the attacker exploit the period of retransmission time out (RTO) of the sender and attack in such a way so the sender is always transmitting in the slow start phase. Keywords- MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability
ROUTING PROTOCOLS FOR DELAY TOLERANT NETWORKS: SURVEY AND PERFORMANCE EVALUATIONijwmn
Delay Tolerant Networking (DTN) is a promising technology that aims to provide efficient communication
between devices in a network with no guaranteed continuous connectivity. Most existing routing schemes
for DTNs exploit the advantage of message replication to achieve high message delivery rate. However,
these schemes commonly suffer from large communication overhead due to the lack of efficient mechanisms
to control message replication. In this paper we give a brief survey on routing protocols designed for
DTNs, and evaluate the performance of several representative routing protocols including Epidemic, Spray
and Wait, PRoPHET, and 3R through extensive trace-driven simulations. Another objective of this work is
to evaluate the security strength of different routing schemes under common DTN attacks such as the black
hole attack. The results and analysis presented in this paper can provide useful guidance on the design and
selection of routing protocols for given delay-tolerant applications.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
A Combined Approach for Worm-Hole and Black-Hole Attack Detection in MANETIJERA Editor
Mobile ad hoc network is a kind of wireless network, in this network all nodes are connected through the wireless links and perform cooperative communication.Due to limited radio range of these devices any time can leave or join the network. Therefore the routing techniques are responsible for the network organization and communication flow. Due to this the performance of MANET is low as compared with the traditional wired communication networks. In addition of that network is suffers from the probability of attacks. Thus in this paper MANET routing strategy and their attacks are investigated and learned. In addition of that in order to secure the communication recent approaches of security in MANET also investigated. Finally a new algorithm for prevention of malicious attack in MANET is suggested. Additionally the based on the concluded facts, future extension of the proposed work is also suggested.
Selective jamming attack prevention based on packet hiding methods and wormholesIJNSA Journal
Because of the widespread use of wireless sensor ne
tworks in many applications, and due to the nature
of
the specifications of these networks (WSN) in terms
of wireless communication, the network contract
specifications, and published it in difficult envir
onments. All this leads to the network exposure to
many
types of external attacks. Therefore, the protectio
n of these networks from external attacks is consid
ered the
one of the most important researches at this time.
In this paper we investigated the security in wirel
ess
sensor networks, Limitations of WSN, Characteristic
Values for some types of attacks, and have been
providing protection mechanism capable of detecting
and protecting wireless sensor networks from a wid
e
range of attacks
SECURE LOCATION BASED ROUTING FOR MANETSAnkur Singhal
The video demonstrates sending the file from source to the destination by initially encrypting it using multihops and then decrypting it at the receiver's end
Vampire attack a novel method for detecting vampire attacks in wireless ad –h...IJLT EMAS
Ad-hoc wireless networks are dynamic in nature. Adhoc
networks are not depends on any predefined infrastructure.
Whenever there is need of communication at that point these
network can be deployed. In this paper we discuss Vampire
attacks. All protocols susceptible for vampire attack. Vampire
attacks are very easy to carry out throughout the network and
difficult to detect. Wireless sensor networks (WSNs) are the
foremost promising research direction in sensing and pervasive
computing. Previous security work has focused totally on denial
of service at the routing or medium access management levels.
Earlier, the resource depletion attacks are thought about solely
as a routing drawback, very recently these are classified into new
category as “vampire attacks”. Planned work examines the
resource depletion attacks at the routing protocol layer that
disable networks permanently by quickly debilitating node’s
battery power.
Review on Grey- Hole Attack Detection and PreventionIJARIIT
These Grey Hole attacks poses a serious security threat to the routing services by attacking the reactive routing protocols resulting in drastic drop of data packets. AODV (Ad hoc on demand Distance Vector) routing being one of the many protocols often becomes an easy victim to such attacks. The survey also gives up-to-date information of all the works that have been done in this area. Besides the security issues they also described the layered architecture of MANET, their applications and a brief summary of the proposed works that have been done in this area to secure the network from Grey Hole attacks
Modified AODV Algorithm using Data Mining Process: Classification and Clusteringidescitation
Security of Wireless Ad hoc network has a primary
concern to provide protected communication between mobile
nodes. When we routing some packet it can use both malicious
node or authenticate node for forwarding and receiving data.
Malicious node can attack like black hole, misuse of data or
hacked information. Our aim is to discuss the feasibility of
monitoring the node of different networks, to analyze it for
providing better security in AODV routing protocol. We
implement data mining techniques for search large amount
of data according characteristic rules and patterns to detect
malicious node. We have used growing neural gas (GNS)
clustering algorithm to make clusters and analysis data. Using
soft computing technique we find patterns, analysis node and
take decision based on decision tree.
Design of Transport Layer Based Hybrid Covert Channel Detection Engineijasuc
Computer network is unpredictable due to information warfare and is prone to various
attacks. Such attacks on network compromise the most important attribute, the privacy. Most of such
attacks are devised using special communication channel called ``Covert Channel''. The word ``Covert''
stands for hidden or non-transparent. Network Covert Channel is a concealed communication path within
legitimate network communication that clearly violates security policies laid down. The non-transparency
in covert channel is also referred to as trapdoor. A trapdoor is unintended design within legitimate
communication whose motto is to leak information. Subliminal channel, a variant of covert channel works
similarly except that the trapdoor is set in a cryptographic algorithm. A composition of covert channel with
subliminal channel is the ``Hybrid Covert Channel''. Hybrid covert channel is homogenous or
heterogeneous mixture of two or more variants of covert channels either active at same instance or at
different instances of time. Detecting such malicious channel activity plays a vital role in removing threat
to the legitimate network. In this paper, we present a study of multi-trapdoor covert channels and
introduce design of a new detection engine for hybrid covert channel in transport layer visualized in TCP
and SSL.
Advisedly delayed packet attack on tcp based mobile ad-hoc networkseSAT Journals
Abstract Efficient routing in mobile ad-hoc networks (MANETs) is a challenging task due to its varying physical channel characteristics, dynamic topology and un-centralized communication. Furthermore, multihop routing is required when the source-destination pairs are not in each other’s communication range. Due to the above challenges these networks are vulnerable to various types of attacks on various layers of the TCP/IP protocol stack. In this thesis, we implement and analyze an attack called advisedly delay packet attack on ad-hoc on-demand distance vector (AODV) routing protocol. The advisedly delay packet attack is an attack that effects the TCP-based as well as UDP-based data transmissions but in this thesis we will also see how it exploits the TCP congestion control mechanism to decrease the throughput of the network. In this attack, the attacker exploit the period of retransmission time out (RTO) of the sender and attack in such a way so the sender is always transmitting in the slow start phase. Keywords- MANETs; Multimedia Streaming; Routing protocols; QoS; Topology; Node Mobility; Network Scalability
ROUTING PROTOCOLS FOR DELAY TOLERANT NETWORKS: SURVEY AND PERFORMANCE EVALUATIONijwmn
Delay Tolerant Networking (DTN) is a promising technology that aims to provide efficient communication
between devices in a network with no guaranteed continuous connectivity. Most existing routing schemes
for DTNs exploit the advantage of message replication to achieve high message delivery rate. However,
these schemes commonly suffer from large communication overhead due to the lack of efficient mechanisms
to control message replication. In this paper we give a brief survey on routing protocols designed for
DTNs, and evaluate the performance of several representative routing protocols including Epidemic, Spray
and Wait, PRoPHET, and 3R through extensive trace-driven simulations. Another objective of this work is
to evaluate the security strength of different routing schemes under common DTN attacks such as the black
hole attack. The results and analysis presented in this paper can provide useful guidance on the design and
selection of routing protocols for given delay-tolerant applications.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
WDA: Wormhole Attack Detection Algorithm based on measuring Round Trip Delay ...ijsrd.com
The recent advancements in the wireless arena and their wide-spread utilization have introduced new security vulnerabilities. The wireless media being shared is exposed to outside world, so it is susceptible to various attacks at different layers of OSI network stack. For example, jamming and device tampering at the physical layer; disruption of the medium access control (MAC) layer; routing attacks like Blackhole, rushing, wormhole; targeted attacks on the transport protocol like session hijacking, SYN flooding or even attacks intended to disrupt specific applications through viruses, worms and Trojan Horses. Wormhole attack is one of the serious routing attacks amongst all the network layer attacks launched on MANET. Wormhole attack is launched by creation of tunnels and it leads to total disruption of the routing paths on MANET. In this paper, Wormhole detection algorithm (WDA) is proposed based on modifying the forwarding packet process that detects and isolates wormhole nodes in ad hoc on demand distance vector (AODV) routing protocol.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This
has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack
of centralized management of these networks makes them vulnerable to a number of security attacks. One
of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several
techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in
this paper we review some of the packet drop attack detection techniques and comparatively analyze them
basing on; their ability to detect the attack under different attack strategies (partial and or cooperate
attacks), environments and the computational and communication overheads caused in the process of
detection.
Responsive Parameter based an AntiWorm Approach to Prevent Wormhole Attack in...IDES Editor
The recent advancements in the wireless technology
and their wide-spread deployment have made remarkable
enhancements in efficiency in the corporate and industrial
and Military sectors The increasing popularity and usage of
wireless technology is creating a need for more secure wireless
Ad hoc networks. This paper aims researched and developed
a new protocol that prevents wormhole attacks on a ad hoc
network. A few existing protocols detect wormhole attacks but
they require highly specialized equipment not found on most
wireless devices. This paper aims to develop a defense against
wormhole attacks as an Anti-worm protocol which is based on
responsive parameters, that does not require as a significant
amount of specialized equipment, trick clock synchronization,
no GPS dependencies.
PREVENTION OF WORMHOLE ATTACK IN WIRELESS SENSOR NETWORKIJNSA Journal
Ubiquitous and pervasive applications, where the Wireless Sensor Networks are typically deployed, lead to the susceptibility to many kinds of security attacks. Sensors used for real time response capability also make it difficult to devise the resource intensive security protocols because of their limited battery, power, memory and processing capabilities. One of potent form of Denial of Service attacks is Wormhole attack that affects on the network layer. In this paper, the techniques dealing with wormhole attack are investigated and an approach for wormhole prevention is proposed. Our approach is based on the analysis of the two-hop neighbors forwarding Route Reply packet. To check the validity of the sender, a unique key between the individual sensor node and the base station is required to be generated by suitable scheme.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by evaluating some network performances such as average delay, throughput of communication and packets
loss
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing
cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by
evaluating some network performances such as average delay, throughput of communication and packets
loss.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable to several malicious attacks. The secure routing is essential to transmit packets from source to the destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work more efficiently and the message passing within the nodes will also get more authenticated from the cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by evaluating some network performances such as average delay, throughput of communication and packets loss.
CLUSTER BASED FIDELITY TO SECURE DSDV PROTOCOL AGAINST BLACK HOLE ATTACKSpijans
In this paper, we introduce and discuss an approach that will be used to secure the DSDV routing
protocol in an ad-hoc network. Due to mobility and absence of infrastructure, nodes are more vulnerable
to several malicious attacks. The secure routing is essential to transmit packets from source to the
destination. Our approach consists to model and manage fidelity concept in an ad-hoc clustering
architecture. Clustering makes it possible to group the mobile nodes and to send data simultaneously to
the each group. Our security model thus aims to integrate mechanisms against black hole attacks, forcing
cooperation between nodes and detecting failing behaviors. The nodes present in the clusters will work
more efficiently and the message passing within the nodes will also get more authenticated from the
cluster heads. The simulation of our proposed algorithm is carried out using NS2 network simulator by
evaluating some network performances such as average delay, throughput of communication and packets
loss.
A Novel Approach to Detect & Prevent Wormhole Attack over MANET & Sensor n/w ...IOSR Journals
Abstract: In Mobile Ad hoc Network (MANET) mobile node is responsible for route establishment using
wireless link where each node may behave like both as a host and router. MANET encounters number of
security threats because of its open entrusted environment, with little security arrangement, security over
MANET can be enhance up to some satisfactory level because of its inherent characteristics. Among some of
the prominent security threats wormhole attack is considered to be a very serious security threat over MANET.
In wormhole two selfish node which is geographically very far away to each other makes tunnel between each
other to hide their actual location and give the illusion that they are true neighbours and attract other nodes to
make conversation through the wormhole tunnel. Many researchers focused on detecting wormhole attack and
its prevention mechanism. It seems that in the previous technique there is a need to improve their results in the
brink of false negative rate, routing overhead etc. The present paper has proposed the hybrid model in order to
detect and prevent the wormhole attack. This approach has been work with neighbour node and hop count
method.
Keywords: Mobile Ad hoc Network, Selfish node, Malicious node, AODV
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Journals
Abstract This paper deals with Real Time Operating System (RTOS) based secure wormhole detection and prevention in ad hoc networks. The wormhole attack can form a serious threat to wireless networks, especially against many ad hoc network routing protocols and location based wireless security systems. A wormhole is created in the ad hoc network by introducing two malicious nodes. These two nodes form a worm hole link and message is transmitted through this link. The next part of the work is to detect the wormhole link by defining worm hole detection and prevention algorithm. After detecting suspicious links, one node performs a verification procedure for each suspicious link. The detection procedure and verifying procedure of suspicious worm link are used for further prevention of wormhole attack in the ad hoc network.
Malicious attack detection and prevention in ad hoc network based on real tim...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology.
SECURED GREEDY PERIMETER STATELESS ROUTING FOR WIRELESS SENSOR NETWORKS ijasuc
Wireless sensor networks are collections of large number of sensor nodes. The sensor nodes are featured
with limited energy, computation and transmission power. Each node in the network coordinates with
every other node in forwarding their packets to reach the destination. Since these nodes operate in a
physically insecure environment; they are vulnerable to different types of attacks such as selective
forwarding and sinkhole. These attacks can inject malicious packets by compromising the node.
Geographical routing protocols of wireless sensor networks have been developed without considering the
security aspects against these attacks. In this paper, a secure routing protocol named secured greedy
perimeter stateless routing protocol (S-GPSR) is proposed for mobile sensor networks by incorporating
trust based mechanism in the existing greedy perimeter stateless routing protocol (GPSR). Simulation
results prove that S-GPSR outperforms the GPSR by reducing the overhead and improving the delivery
ratio of the networks.
SECURED GREEDY PERIMETER STATELESS ROUTING FOR WIRELESS SENSOR NETWORKS ijasuc
Wireless sensor networks are collections of large number of sensor nodes. The sensor nodes are featured
with limited energy, computation and transmission power. Each node in the network coordinates with
every other node in forwarding their packets to reach the destination. Since these nodes operate in a
physically insecure environment; they are vulnerable to different types of attacks such as selective
forwarding and sinkhole. These attacks can inject malicious packets by compromising the node.
Geographical routing protocols of wireless sensor networks have been developed without considering the
security aspects against these attacks. In this paper, a secure routing protocol named secured greedy
perimeter stateless routing protocol (S-GPSR) is proposed for mobile sensor networks by incorporating
trust based mechanism in the existing greedy perimeter stateless routing protocol (GPSR). Simulation
results prove that S-GPSR outperforms the GPSR by reducing the overhead and improving the delivery
ratio of the networks.
A black-hole attack in the Mobile Ad-hoc NETwork (MANET) is an attack occurs due to malicious nodes,
which attracts the data packets by falsely advertising a fresh route to the destination. In this paper, we
present a clustering approach in Ad-hoc On-demand Distance Vector (AODV) routing protocol for the
detection and prevention of black-hole attack in MANETs. In this approach every member of the cluster will
ping once to the cluster head, to detect the peculiar difference between the number of data packets received
and forwarded by the node. If anomalousness is perceived, all the nodes will obscure the malicious nodes
from the network.
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack of centralized management of these networks makes them vulnerable to a number of security attacks. One of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in this paper we review some of the packet drop attack detection techniques and comparatively analyze them basing on; their ability to detect the attack under different attack strategies (partial and or cooperate attacks), environments and the computational and communication overheads caused in the process of detection.
Similar to A NEW CLUSTER-BASED WORMHOLE INTRUSION DETECTION ALGORITHM FOR MOBILE AD-HOC NETWORKS (20)
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
Final project report on grocery store management system..pdfKamal Acharya
In today’s fast-changing business environment, it’s extremely important to be able to respond to client needs in the most effective and timely manner. If your customers wish to see your business online and have instant access to your products or services.
Online Grocery Store is an e-commerce website, which retails various grocery products. This project allows viewing various products available enables registered users to purchase desired products instantly using Paytm, UPI payment processor (Instant Pay) and also can place order by using Cash on Delivery (Pay Later) option. This project provides an easy access to Administrators and Managers to view orders placed using Pay Later and Instant Pay options.
In order to develop an e-commerce website, a number of Technologies must be studied and understood. These include multi-tiered architecture, server and client-side scripting techniques, implementation technologies, programming language (such as PHP, HTML, CSS, JavaScript) and MySQL relational databases. This is a project with the objective to develop a basic website where a consumer is provided with a shopping cart website and also to know about the technologies used to develop such a website.
This document will discuss each of the underlying technologies to create and implement an e- commerce website.
Student information management system project report ii.pdfKamal Acharya
Our project explains about the student management. This project mainly explains the various actions related to student details. This project shows some ease in adding, editing and deleting the student details. It also provides a less time consuming process for viewing, adding, editing and deleting the marks of the students.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
A NEW CLUSTER-BASED WORMHOLE INTRUSION DETECTION ALGORITHM FOR MOBILE AD-HOC NETWORKS
1. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
A NEW CLUSTER-BASED WORMHOLE INTRUSION
DETECTION ALGORITHM FOR MOBILE AD-HOC
NETWORKS
1
Debdutta Barman Roy, 2
Rituparna Chaki, 3
Nabendu Chaki
1
Calcutta Institute of Engineering and Management, Kolkata, India,
barmanroy.debdutta@gmail.com
2
West Bengal University of Technology, Kolkata 700064, India,
rchaki@ieee.org
3
University of Calcutta, 92 A.P.C. Road, Kolkata 700009, India
nabendu@ieee.org
ABSTRACT
In multi-hop wireless systems, the need for cooperation among nodes to relay each other's packets
exposes them to a wide range of security attacks. A particularly devastating attack is the wormhole
attack, where a malicious node records control traffic at one location and tunnels it to another
compromised node, possibly far away, which replays it locally. Routing security in ad hoc networks is
often equated with strong and feasible node authentication and lightweight cryptography. Unfortunately,
the wormhole attack can hardly be defeated by crypto graphical measures, as wormhole attackers do not
create separate packets. They simply replay packets already existing on the network, which pass the
cryptographic checks. Existing works on wormhole detection have often focused on detection using
specialized hardware, such as directional antennas, etc. In this paper, we present a cluster based
counter-measure for the wormhole attack, that alleviates these drawbacks and efficiently mitigates the
wormhole attack in MANET. Simulation results on MATLab exhibit the effectiveness of the proposed
algorithm in detecting wormhole attacks.
KEY WORDS
MANET, Wormhole, Cluster, Guard Node, routing
1. INTRODUCTION
Mobile wireless ad hoc networks are fundamentally different from wired networks, as they use
wireless medium to communicate, do not rely on fixed infrastructure, and can arrange them into
a network quickly and efficiently. In a Mobile Ad Hoc Network (MANET), each node serves as
a router for other nodes, which allows data to travel, utilizing multi-hop network paths, beyond
the line of sight without relying on wired infrastructure. Security in such networks, however, is
a great concern [1, 2, 7, 8]. The open nature of the wireless medium makes it easy for outsiders
to listen to network traffic or interfere with it. Lack of centralized control authority makes
deployment of traditional centralized security mechanisms difficult, if not impossible. Lack of
clear network entry points also makes it difficult to implement perimeter-based defense
mechanisms such as firewalls. Finally, in a MANET nodes might be battery-powered and might
have very limited resources, which may make the use of heavy-weight security solutions
undesirable [2, 3, 7, 8, 13].
A wormhole attack is a particularly severe attack on MANET routing where two attackers,
connected by a high-speed off-channel link, are strategically placed at different ends of a
network, as shown in figure 1. These attackers then record the wireless data they overhear,
forward it to each other, and replay the packets at the other end of the network. Replaying valid
44
2. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
45
network messages at improper places, wormhole attackers can make far apart nodes believe they
are immediate neighbors, and force all communications between affected nodes to go through
them.
S E
High Speed off Channel Link
D
C
F
B
HG
M1 M2
Tunnel
Figure 1: MANET with a wormhole attack
In general, ad hoc routing protocols fall into two categories: proactive routing protocol that
relies on periodic transmission of routing packets updates, and on-demand routing protocols that
search for routes only when necessary. A wormhole attack is equally worse a threat for both
proactive and on-demand routing protocols [3, 7, 8, 9].
When a proactive routing protocol [10] is used, ad hoc network nodes send periodic HELLO
messages to each other indicating their participation in the network. In Figure 2, when node S
sends a HELLO message, intruder M1 forwards it to the other end of the network, and node H
hears this HELLO message. Since H can hear a HELLO message from S, it assumes itself and
node S to be direct neighbors. Thus, if H wants to forward anything to S, it may do so
unknowingly through the wormhole link. This effectively allows the wormhole attackers full
control of the communication link.
In case of on-demand routing protocols, such as AODV [11], when a node wants to
communicate with another node, it floods its neighbors with requests, trying to determine a path
to the destination. In figure 2, if S wants to communicate with H, it sends out a request. A
wormhole, once again, forwards such request without change to the other end of the network,
may be directly to node H. A request also travels along the network in a proper way, so H is
lead to believe it has a possible route to node S thru the wormhole attacker nodes. If this route is
selected by the route discovery protocol, once again wormhole attackers get full control of the
traffic between S and H. Once the wormhole attackers have control of a link, attackers can drop
the packets to be forwarded by their link. They can drop all packets, a random portion of
packets, or specifically targeted packets1. Attackers can also forward packets out of order or
‘switch’ their link on and off [3].
In this paper, we have proposed an algorithm where intrusion detection has been done in a
cluster based approach to detect the wormhole attacks. The AODV routing protocol is used as
the underlying network topology. A two layer approach is used for detecting whether a node is
acting as a wormhole.
2. RELATED WORKS
Routing security in ad hoc networks is often equated with strong and feasible node
authentication and lightweight cryptography. A wide variety of secure extensions to existing
routing protocols have been proposed over the years. However, the majority of these protocols
are focused on using crypto graphical solutions to prevent unauthorized nodes from creating
seemingly valid packets [8]. Unfortunately, the wormhole attack can not be defeated by crypto
3. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
graphical measures, as wormhole attackers do not create separate packets - they simply replay
packets already existing on the network, which pass all cryptographic checks. Perhaps the most
commonly cited wormhole prevention mechanism is ‘packet leashes’ by Hu et al [13]. Hu
proposed to add secure ‘leash’ containing timing and/or Global Positioning System (GPS)
information to each packet on a hop-by-hop basis. Based on the information contained in a
packet leash, a node receiving the packet would be able to determine whether the packet has
traveled a distance larger than physically possible.
Hu proposed two different kinds of leashes: geographical leashes and temporal leashes.
Geographic leashes require each node to have access to up-to-date GPS information, and rely on
loose (in the order of ms) clock synchronization. When geographical leashes are used, a node
sending a packet appends to it the time the packet is sent ts and its location ps. A receiving node
uses its own location pr and the time it receives a packet tr to determine the distance the packet
could have traveled. Keeping in mind maximum possible node velocity v, clock synchronization
error ∆, and possible GPS distance error ∆, the distance between the sender and the receiver dsr
is upper-bounded by:
dsr <||ps - pr||+2v(tr - ts+∆)+∆
Geographical leashes should work fine when GPS coordinates are practical and available.
However, modern GPS technology has significant limitations that should not be overlooked.
While the price of GPS devices is going down, it remains substantial. Besides, GPS is somewhat
of a nuisance for personal laptops. Also, while, as Hu [13, 3] specifies, it is possible to achieve
GPS precision of about 3m with state-of-the-art GPS devices, consumer-level devices do not get
(and do not require) this level of resolution. Finally, GPS systems are not versatile, as GPS
devices do not function well inside buildings, under water, in the presence of strong magnetic
radiation, etc. As opposed to geographical leashes, temporal leashes require much tighter clock
synchronization (in the order of nanoseconds), but do not rely on GPS information. When
temporal leashes are used, the sending node specifies the time it sends a packet ts in a packet
leash, and the receiving node uses its own packet reception time tr for verification. In a slightly
different version of temporal packet leashes, the sending node calculates an expiration time te
after which a packet should not be accepted, and puts that information in the leash. This is to
prevent a packet from traveling farther than distance L
te = ts+L/C-∆, where, C is the speed of light and ∆ is the maximum clock
synchronization error.
Another set of wormhole prevention techniques, somewhat similar to temporal packet leashes
[10], is based on the time of flight of individual packets. Wormhole attacks are possible because
an attacker can make two far-apart nodes see themselves as neighbors. One possible way to
prevent wormholes, as used by Capkun et al [14], Hu et al [15], Hong et al [4], and Korkmaz
[5], is to measure round-trip travel time of a message and its acknowledgement, estimate the
distance between the nodes based on this travel time, and determine whether the calculated
distance is within the maximum possible communication range. The basis of all these
approaches is the following. The Round Trip Travel Time (RTT) δ of a message in a wireless
medium can, theoretically, be related to the distance d between nodes, assuming that the
wireless signal travels with a speed of light c:
d =(δc)/2 and δ=2d/c
The neighbor status of nodes is verified if d is within the radio transmission range R for R > d
(d within transmission range): R >δc/2 and δ<2R/c. In essence, the use of RTT eliminates the
need for tight clock synchronization required in temporal leashes: a node only uses its own
clock to measure time. However, this approach, while accounting for message propagation,
46
4. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
completely ignores message processing time. When a message is sent by one node and is
acknowledged by another, the time it takes for a node to process a message and to reply to it is
generally non-negligible, particularly in the context of bounding short distances using signals
whose speed is similar to that of light in vacuum. After all, it takes the light less than 0.2
seconds to circle the entire Earth around the equator. Outstanding clock precision and
practically nonexistent errors are required to bind distances on the order of hundreds of meters.
Several researchers worked on the wormhole attack problem by treating a wormhole as a
misbehaving link. In such approaches, a wormhole attack is not specifically identified. Rather,
the wormhole’s destructive behavior is mitigated. Baruch [6] and Chigan [12] use link rating
schemes to prevent blackhole and wormhole attacks. They both rely on authenticated
acknowledgements of data packets to rate links: if a link is dropping packets, the
acknowledgements do not get through; link is rated low and avoided in the future. These
approaches are geared towards discovery and prevention of only one kind of wormhole
behavior: packet loss. Wormholes can do much more than that: they can send packets out of
order, confuse location-based schemes, or simply aggregate packets for traffic analysis. Even
the distortion of topology information that a wormhole introduce can be a significant problem in
particular networks. The real problem with the wormholes is that unauthorized nodes (wormhole
attackers) are able to transmit valid network messages. Techniques based on links’ performance
may be suitable in certain cases, but they do not fully address the wormhole problem.
In one of our earlier works, [1] a new collaborative algorithm called IDSX had been proposed.
The proposed IDSX offers an extended architecture and is compatible with heterogeneous IDS
already deployed in the participating nodes. In the high level of the architecture of the IDSX
mechanism, the cluster heads act as the links across different clusters. The cluster heads are
IDSX enabled and hence, can utilize alerts to generate the alarms. Alerts represent the potential
security breaches as identified by local IDS active nodes. The IDSX nodes are authorized to
take the final decision of discarding a node after aggregating and correlating the alerts that has
been generated over a period of time.
3. PROPOSED METHODOLOGY
Our objective is to find out the malicious node that performs the wormhole attack in network.
We have assumed that the MANET consists of clusters of nodes. The assumptions regarding the
organization of the MANET are listed in section 3.1.
3.1 Assumptions
The following assumptions are taken in order to design the proposed algorithm.
1. A node interacts with its 1-hop neighbors directly and with other nodes via intermediate
nodes using multi-hop packet forwarding.
2. Every node has a unique id in the network, which is assigned to a new node collaboratively
by existing nodes.
3. The entire network is geographically divided into a few disjoint or overlapping clusters
4. The network is considered to be layered.
5. A cluster head at the inner layer is represented as CH (1,i), where 1 signifies inner Layer, and
i stands for the cluster number
6. Each cluster is monitored by only one cluster head (monitoring node).
7. The cluster membership is restricted up to 2 hops.
3.2 Cluster formation
In this paper, we have proposed an algorithm where intrusion detection has been done in a
cluster based manner to take care of the wormhole attacks. The AODV routing protocol is used
47
5. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
as the underlying network topology. A two layer approach is used for detecting whether a node
is participating in a wormhole attack. The layered approach is introduced to reduce the load of
processing on each cluster heads. From security point of view, this will also reduce the risk of a
cluster head being compromised.
The entire network is divided in clusters as in figure 2. The clusters may be overlapped or
disjoint. Each cluster has its own cluster head and a number of nodes designated as member
nodes. Member nodes pass on the information only to the cluster head. The cluster-head is
responsible for passing on the aggregate information to all its members. The cluster head is
elected dynamically and maintains the routing information.
GN is the guard node, used for monitoring the malicious activity. The main purpose of the
guard node is to guard the cluster from possible attacks. The guard node has the power to
monitor the activity of any node within the cluster. The guard node reports to the cluster head of
the respective layer in case a malicious activity is detected. A cluster head in the inner layer
(CH1,i) detects a malicious activity and informs the cluster head CH2 of the outer layer to take
appropriate action. It’s the duty of (CH1,i) to check the number of false routes generated by any
node. The cluster head CH2 of outer layer takes upon itself the responsibility of informing all
nodes of the inner layer about the malicious node.
Outer Layer
CH2
Inner Layer
CH(1,1)CH(1,2)
GNInner
Layer
Figure 2 - The Layered structure
3.2 Cluster Based Detection Technique of Wormhole Attack in MANET
Before, we present the actual algorithm for detection of wormhole attacks, the data structure
used for the purpose has been described below.
1. Round trip time (Tr): When the source node send packet it starts a timer. On receipt of an
acknowledgement, the timer is stopped. The total time elapsed is recorded as Tr.
2. Expected time of delivery (Te): The expected time of delivery of a packet to a destination
node is calculated as the time taken when the source node send HELLO packet to the
destination node and get back an acknowledgement for that.
3. Threshold tolerance (Pth): This refers to the threshold value defined by the monitoring node.
It is the tolerance value for lost packets.
4. Neighbor table (Neighbori):Neighbor table for ith
node consists of {neighbor_id} for all its
neighbors.
5. PKTSNT (S, D): Number of packets sent to a destination node D from source node S.
6. PKTRCD (S, D): Number of packets received by node D from a specific source node S.
Next, we present the algorithm to detect wormhole attacks. When a node in the ith
cluster of
layer 1 suspect wormhole attack within the cluster, it informs the cluster head of ith
cluster at
48
6. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
49
layer 1, which is denoted as CH (1,i). CH(1,i) informs cluster head at layer 2 (CH2 ), about the
malicious node. CH2 broadcast this information to all cluster heads at layer 1. The cluster heads
at layer 1 inform their respective cluster members.
Cluster 2
Cluster 1
Cluster Member
Cluster Head at Layer 1 Intruder
Guard Node
Cluster Head At Layer 2
6
1
S
2
4
D
M1
M2
CH1
5
CH2
3
Wormhole Attacker node
Figure 3: Cluster Based Detection Technique
In figure 3, node S sends a HELLO packet for destination node D. S has a path to D via (2, 3).
M1, being in the proximity of S, overhears the HELLO message and forwards the same to node
M2 in the other end of the network. Node D hears this HELLO message from S and therefore
considers S to be its immediate neighbor and follow the route to send message to S via M1 and
M2. The node 3 which is at the overlapping position of two cluster acts as GUARD node who
can here every packet send by node S for the destination node D and monitor the packets route
from souce to destination. The guard node is also called monitoring node. When S observes
some malicious behavior when it sends packet to D it informs the guard node. The guard node
then checks the number of packets send for the node D and those actually received by D from S.
Then it calculates ∆p = PKTSNT(S, D) - PKTRCD (S, D). If the value of ∆p surmounts the
threshold value that is predefined by the monitoring node then monitoring node finds out the
wormhole attack.
Procedure WormHoleDetection
Begin
Step 1: Initiate the network with two cluster and each cluster have some nodes.
Step 2: The node within a cluster having minimum node ID becomes Cluster Head. The
node ID for each node is provided when the node enter into the cluster.
Step 4: Each node stores the information of its immediate neighbors in its neighbor table.
Step 5: The node nearest to both the cluster heads at layer 1 is chosen as the guard node.
7. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
Step 7: Source node S sends a HELLO packet to the intermediate node with destination
node ID and cluster ID
Step 7.1: S starts timer, initializes T1
Step 7.2: S increments the PKTCNT(S, D)
Step 7.3: When S get acknowledgement from destination node stop timer, T2
Step 7.4: The expected round trip time is computed as Te = T2 – T 1
Step 7.5: Source node S sends a packet to destination node
Step 7.6: S starts timer TP1
Step 7.7: When S get acknowledgement from destination node stop timer, TP2
Step 7.8: The round trip time is calculated as Tr = . TP2 – TP1
Step 7.9: If Tr << Te then inform guard node.
Step 8: The guard nodes checks number of packet send by source node PKTSNT (S, D)
and number of packet receive by destination node PKTRCD(S, D).
Step 9: ∆p = PKTSNT (S, D) - PKTRCD (S, D).
Step 10: If ∆p > Pth then inform the source node to stop packet transfer.
Step 11: The source node stop packet transfer and inform cluster head.
End.
4. PERFORMANCE ANALYSIS
A simulation study has been done in MatLab. We have worked with a 30 nodes network while
the number of packets sent is varied from 1 to 10. The number of guard nodes has been
increased from 1 to 4. The following are the performance graphs of the network in the presence
of 1, 2, 3, and 4 guard nodes.
Numberofpacketssent
Number of nodes
Figure 6: Number of packets sent and
dropped in presence of 3 guard nodes
Number of nodes
Numberofpacketssent
-2
0
2
4
6
8
10
1 5 9 13 17 21 25 29
Figure 7: Number of packets sent and dropped
in presence of 4 guard nodes
Number of nodes
Numberofpacketssent
-2
0
2
4
6
8
10
1 5 9 13 17 21 25 29
Figure 4: Number of packets sent and
dropped in presence of 1 guard node
-2
0
2
4
6
8
10
1 5 9 13 17 21 25 29
Figu pedre 5: Number of packet sent and drop
in presence of 2 guard nodes
Number of nodes
Numberofpacketssent
-2
0
2
4
6
8
10
1 5 9 13 17 21 25 29
50
8. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
In figure 4, we observe that in presence of a single guard node, the number of packet drop and
the number of packet send are nearly the same. So, there is a 50 % improvement in
performance, with the presence of a single guard node.
In figure 5, the number of packet send and the number of packet drops vary due to the presence
of 2 guard nodes. The performance of the network improves further. As evident from figures 6
and 7, it is observed that as the number of guard node increases to 3 and 4 respectively, the
number of packets dropped minimizes. The performance of the network increases accordingly.
Thus, the increase in the number of guard nodes steadily increases the probability of detection
of wormhole attack.
5. CONCLUSION
In this work, a new cluster based wormhole detection method has been proposed. In multi-hop
wireless systems, the need for cooperation among nodes to relay each other's packets exposes
them to a wide range of security threats including the wormhole attack. A number of recent
works have been studied before proposing this new methodology. The proposed solution unlike
some of its predecessors does not require any specialized hardware like directional antennas, etc
for detecting the attackers. or extremely accurate clocks, etc. The simulation using 30 nodes
and variable number of guard nodes prove the effectiveness of the proposed algorithm.
Currently more studies are being done to analyze the performance of the proposed algorithm in
presence of multiple attacker nodes.
6. REFERENCE
[1] Chaki, Rituparna; Chaki, Nabendu; "IDSX: A Cluster Based Collaborative Intrusion Detection
Algorithm for Mobile Ad-Hoc Network"; Proc. of the 6th Int’l Conf. on Computer Information
Systems and Industrial Management Applications (CISIM '07); pp. 179 - 184, June 2007; ISBN:
0-7695-2894-5
[2] Marko Jahnke, Jens Toelle, Alexander Finkenbrink,. Alexander Wenzel, et.al; “Methodologies
and Frameworks for Testing IDS in Adhoc Networks”; Proceedings of the 3rd ACM workshop
on QoS and security for wireless and mobile networks; Chania, Crete Island, Greece, Pages: 113
- 122, 2007
[3] Y.-C. Hu, A. Perrig, D. B. Johnson; “Wormhole Attacks in Wireless Networks”; IEEE Journal
on Selected Areas of Communications, vol. 24, numb. 2, pp. 370-380, 2006
[4] F. Hong, L. Hong, C. Fu; “Secure OLSR”; 19th International Conference on Advanced
Information Networking and Applications, AINA 2005, Vol. 1, 25-30, pp. 713-718, March 2005
[5] Korkmaz T.; “Verifying Physical Presence of Neighbours against Replay-based Attacks in
Wireless Ad Hoc Networks”; Proc. International Conference on Information Technology:
Coding and Computing 2005, ITCC 2005, pp. 704-709, 2005
[6] A. Baruch, R. Curmola, C. Nita-Rotaru, D. Holmer, H. Rubens; “On the Survivability of Routing
Protocols in Ad Hoc Wireless Networks”; Converence on Security and Privacy for Emerging
Areas in Communications, SecureComm 2005
[7] Yang, H. and Luo, H. and Ye, F. and Lu, S. and Zhang, U.; “Security in Mobile Ad Hoc
Networks: Challenges and Solutions”; Wireless Communications, IEEE, vol. 11, num. 1, pp. 38-
47, 2004
[8] Y.-C. Hu, A. Perrig; “A Survey of Secure Wireless Ad Hoc Routing”; Security and Privacy
Magazine, IEEE, vol. 2, issue 3, pp. 28-39, May 2004.
[9] A. Mishra, K. Nadkarni, A. Patcha; “Intrusion Detection in Wireless Ad Hoc Networks”; IEEE
Wireless Communications, Vol 11, issue 1, pg. 48-60, February 2004.
51
9. International Journal of Network Security & Its Applications (IJNSA), Vol 1, No 1, April 2009
[10] T. Clausen, P. Jacquet, A. Laouiti, P. Muhlethaler, A. Qayyum, L. Viennot; “Optimized Link
State Routing Protocol”; Proceedings of IEEE INMIC, Pakistan 2001.
[11] Charles E. Perkins and Elizabeth M. Royer. "Ad hoc On-Demand Distance Vector Routing."
Proceedings of the 2nd IEEE Workshop on Mobile Computing Systems and Applications, New
Orleans, LA, pp. 90-100, 1999.
[12]. C. Chigan, R. Bandaru; “Secure Node Misbehaviors in Mobile Ad Hoc Networks”; Proc. of
IEEE Conf. on Vehicular Technology Conference, VTC 2004, Vol. 7, pp. 4730-4734, 2004
[13] Y.-C. Hu, A. Perrig, D. B. Johnson; “Packet leashes: a defense against wormhole attacks in
wireless networks”; INFOCOM 2003, Twenty-Second Annual Joint Conference of the IEEE
Computer and Communication Societies, Vol. 3, pp. 1976-1986, 2003
[14] S. Capkun, L. Buttyan, J.-P. Hubaux; “SECTOR: Secure Tracking of Node Encounters in Multi-
Hop Wireless Networks”; Proc. of the 1st ACM Workshop on Security of Ad Hoc and Sensor
Networks; 2003
[15] Y-C Hu, A. Perrig, D. Johnson; “Rushing Attacks and Defense in Wireless Ad Hoc Network
Routing Protocols”; Proc. of WISE 2003, September 19, San Diego, California, USA, 2003
Authors
Debdutta Pal received her M. Tech. Degree in Software Engineering from the West
Bengal University of Technology in 2007. She is at present working as a Lecturer at
Calcutta Institute of Engineering and Management, Kolkata, West Bengal. Her
research interests include the field of Computer Networking, and Wireless Mobile
Ad hoc Network.
Rituparna Chaki is a Reader (Associate Professor) in the Department of Computer
Science & Engineering, West Bengal University of Technology, Kolkata, India
since 2005. She received her Ph.D. in 2002 from Jadavpur University, India. The
primary area of research interest for Dr. Chaki is Wireless Mobile Ad hoc
Networks. She has also served as a Systems Manager for Joint Plant Committee,
Government of India for several years before she switched to Academia. Dr. Chaki
also serves as a visiting faculty member in other leading Universities including
Jadavpur University. Dr. Chaki has about 20 referred international publications to
her credit.
Nabendu Chaki is a faculty member in the Department of Computer Science &
Engineering, University of Calcutta, Kolkata, India. He received his Ph.D. in
2000 from Jadavpur University, India. His areas of research interests include
distributed computing and software engineering. Dr. Chaki has also served as a
Research Faculty member in the Ph.D. program in Software Engineering in U.S.
Naval Postgraduate School, Monterey, CA during 2001-2002. He is a visiting
faculty member for many Universities including the University of Ca’Foscari,
Venice, Italy. Dr. Chaki has published more than 50 referred research papers and a
couple of text books. Besides being in the editorial board for 4 Journals, Dr. Chaki
has also served in the committees of several international conferences.
52